Daily NCSC-FI news followup 2019-10-06

HildaCrypt Ransomware Developer Releases Decryption Keys

www.bleepingcomputer.com/news/security/hildacrypt-ransomware-developer-releases-decryption-keys/ The developer behind the HildaCrypt Ransomware has decided to release the ransomware’s private decryption keys. With these keys a decryptor can be made that would allow any potential victims to recover their files for free.. BleepingComputer had a conversation with the ransomware developer last night and was told that HildaCrypt was only made for fun and “it was mainly an educational thing really”. They further told us “hildacrypt never was used on anyone” and that they released the keys in case “some kid gets a hold of these binaries I hope the keys would be of some use”.

DNS-over-HTTPS causes more problems than it solves, experts say

www.zdnet.com/article/dns-over-https-causes-more-problems-than-it-solves-experts-say/#ftag=RSSbaffb68 Several experts, companies, and national entities have voiced very convincing concerns about DoH and its features.. The TL;DR is that most experts think DoH is not good, and people should be focusing their efforts on implementing better ways to encrypt DNS traffic — such as DNS-over-TLS — rather than DoH.

Värvätäänkö Facebookissa vakoojia? Erikoinen somekampanja herättää kysymyksiä joihin ei saada vastauksia

www.tivi.fi/uutiset/tv/d2eb827c-43cb-4b11-9c56-3229ff302cd5 Yhdysvaltain liittovaltion keskusrikospoliisi FBI mainostaa Facebookissa Washingtonin venäläisille. FBI yrittää ilmeisesti tuoreella mainoskampanjallaan värvätä venäläisiä agenteiksi tai heistä tietäviä kertomaan tietojaan, kertoo uutiskanava CNN.

You might be interested in …

Daily NCSC-FI news followup 2020-07-26

DJI Drone App Riddled With Privacy Issues, Researchers Allege threatpost.com/dji-drone-app-riddled-with-privacy-issues-researchers-allege/157730/ Leading commercial drone maker DJI is hitting back against researcher allegations that its Android mobile application is riddled with privacy holes. One includes that the app continues to run in the background even after it’s been closed and collects sensitive data from users without consent. […]

Read More

Daily NCSC-FI news followup 2019-07-06

ACSC Releases Updated Essential Eight Maturity Model www.us-cert.gov/ncas/current-activity/2019/07/05/acsc-releases-updated-essential-eight-maturity-model The Australian Cyber Security Centre (ACSC) has released updates to its Essential Eight Maturity Model. The model assists organizations in determining the maturity of their implementation of the Essential EightACSCs list of the top mitigation strategies to help organizations protect their systems against adversary threats. The model […]

Read More

Daily NCSC-FI news followup 2019-11-10

Tällaisilla viesteillä suomalaisilta yrityksiltä kalastellaan rahaa katso, olisitko itse haksahtanut yle.fi/uutiset/3-11026269?origin=rss Tässä jutussa näet esimerkkejä aidoista työpaikoille tulevista huijausviesteistä. The state of JavaScript frameworks security report 2019 snyk.io/wp-content/uploads/snyk-javascript_report_2019.pdf A security review of Angular and React with a sneak peek into Vue.js, Bootstrap and jQuery. Also www.i-programmer.info/news/167-javascript/13232-the-perils-of-jquery.html. ” Although the JavaScript library jQuery is no longer […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.